Security breaches are all too common these days in the tech world with almost every company at some point in time having to learn the lesson of certain security flaws and deal with potentially hacked accounts. Now it’s Slack’s turn to play victim to a security breach, as the company has announced that it is resetting the password of as many as 65 000 users (according to ZDNet).
The only difference this time though before you all rush off to change your Slack passwords, is that this incident reportedly took place in March 2015 and the company has only recently learnt that a collection of user email addresses and password combinations had been compromised. According to the report, the company identified a security issue and following an investigation linked the credentials to a hack it suffered in 2015 when hackers were able to insert keylogging code into its software that was capable of reading user’s passwords as they entered them. The hackers also accessed a database of usernames and hashed passwords.
This is obviously quite a serious matter and as a result, Slack is automatically resetting all accounts created before this date where users have not since changed their passwords during this time or do not use a single-sign-on. These users can expect to be greeted with a password reset screen the next time they log in and have all apparently been notified via email of the action. Ultimately though, if users want the best protection for their accounts, the company recommends that users turn on two-factor authentication.
If you’re worried you might be affected, you can download a complete log of your account as a CSV file by visiting this page on Slack’s website. If not, well regularly changing a password or moving over to multi-factor authentication is always a good idea.
Last Updated: July 19, 2019